Mac OS X Sandbox Vulnerability “Not a Threat” to Apple

Recent additions to Mac OS X allow developers to run their applications in a semi-protected sandbox mode. In this mode, if an attacker were to compromise an application, it would be limited to the resources and permissions of the sandbox environment.

However, security researchers have been able to bypass permissions in the sandbox environment and gain full control of a system via Apple Scripts that can restrict internet access or send malicious scripts to other applications in a non-sandboxed environment. Unfortunately, Apple does not view this a security concern, but will most likely release a patch for it in the next Mac OS X update.